Deloitte data breach demonstrates why MFA and user access controls are a must

Last updated: 05 October 2017

The severe Deloitte breach revealed last week is indicative of several issues that many companies are seemingly slow to absorb when it comes to protecting intellectual property, reputation and customer data.

The move to the cloud can be a double-edged sword: According to IDC, worldwide spending on public cloud computing will increase from $67B in 2015 to $162B in 2020, attaining a 19% CAGR. This means that more and more companies are storing sensitive systems, applications and data in the cloud. Cloud applications excel at giving organizations the best applications with a quick time to value, zero maintenance overhead and infinite scalability. The immediate fulfillment and instant productivity provided by cloud apps come, however, with a price tag: IT departments lose visibility into who is accessing which application. And risk increases as apps are managed from multiple disparate consoles.

Compromised credentials are the root cause of the majority of breaches: According to Verizon’s 2017 Data Breach Investigations Report, 81% of hacking-related breaches leveraged either stolen and/or weak passwords. Indeed, the Deloitte breach was apparently caused when the hacker gained access to an administrator email server account by logging on with a simple username and password.

Lack of effective monitoring systems: Brian Krebs wrote earlier this week in his Krebs on Security blog that ‘a person with direct knowledge of the incident said the company in fact does not yet know precisely when the intrusion occurred, or for how long the hackers were inside of its systems’. This gap may reflect weak monitoring systems, a lack of central controls over who was accessing various systems and when they were being accessed, and a lack of visibility into the access control measures in place.

Cloud-based applications play a vital role in fulfilling productivity, operational and infrastructure needs in the enterprise. The points mentioned above indicate, however, that enterprises need to be focused in their cyber-security strategies and implement protections at the most vulnerable points. Applying effective access security mechanisms such as multi-factor authentication, privileged account access and cloud access management controls, as well as continuously monitoring who is accessing which service, when and with what credentials, are vital front-line security measures that can prevent unwanted persons from accessing cloud and enterprise services and reduce the risk of breach. Doing otherwise is akin to gambling with your data.